Warning: Permanently added '[localhost]:46641' (ED25519) to the list of known hosts.
2025/07/09 09:22:21 ignoring optional flag "sandboxArg"="0"
2025/07/09 09:22:23 parsed 1 programs
syzkaller login: [ 86.974945][ T5333] cgroup: Unknown subsys name 'net'
[ 87.063911][ T5333] cgroup: Unknown subsys name 'cpuset'
[ 87.071776][ T5333] cgroup: Unknown subsys name 'rlimit'
[ 88.685071][ T5333] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.912245][ T10] cfg80211: failed to load regulatory.db
[ 92.683220][ T5351] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 95.352955][ T5394] chnl_net:caif_netlink_parms(): no params data found
[ 95.416940][ T5394] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.421327][ T5394] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.424615][ T5394] bridge_slave_0: entered allmulticast mode
[ 95.428459][ T5394] bridge_slave_0: entered promiscuous mode
[ 95.435262][ T5394] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.438287][ T5394] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.442443][ T5394] bridge_slave_1: entered allmulticast mode
[ 95.446522][ T5394] bridge_slave_1: entered promiscuous mode
[ 95.473675][ T5394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 95.480869][ T5394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.507511][ T5394] team0: Port device team_slave_0 added
[ 95.512889][ T5394] team0: Port device team_slave_1 added
[ 95.535171][ T5394] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 95.538333][ T5394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.550180][ T5394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 95.556987][ T5394] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 95.560451][ T5394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.572503][ T5394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 95.607773][ T5394] hsr_slave_0: entered promiscuous mode
[ 95.611681][ T5394] hsr_slave_1: entered promiscuous mode
[ 95.771122][ T5394] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 95.781108][ T5394] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 95.788869][ T5394] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 95.796971][ T5394] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.835350][ T5394] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.838655][ T5394] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.842828][ T5394] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.845926][ T5394] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.907258][ T5394] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.922992][ T14] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.927343][ T14] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.942054][ T5394] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.952751][ T1046] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.956132][ T1046] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.966086][ T1046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.969494][ T1046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.213352][ T5394] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.277946][ T5394] veth0_vlan: entered promiscuous mode
[ 96.295286][ T5394] veth1_vlan: entered promiscuous mode
[ 96.353835][ T5394] veth0_macvtap: entered promiscuous mode
[ 96.369756][ T5394] veth1_macvtap: entered promiscuous mode
[ 96.410642][ T5394] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.423700][ T5394] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.443943][ T5394] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.448150][ T5394] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.460705][ T5394] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.464583][ T5394] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.682073][ T5394] syz-executor (5394) used greatest stack depth: 20152 bytes left
[ 96.714650][ T3034] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.748081][ T5415] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 96.753469][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 96.756745][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 96.762998][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 96.766255][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 96.788862][ T3034] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.881534][ T3034] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 96.941355][ T3034] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.175420][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.178719][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.214330][ T1042] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.217503][ T1042] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/09 09:22:36 executed programs: 0
[ 97.871141][ T4690] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 97.875391][ T4690] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 97.878931][ T4690] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 97.883798][ T4690] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 97.888216][ T4690] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 98.052601][ T5436] chnl_net:caif_netlink_parms(): no params data found
[ 98.121438][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.124704][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.127660][ T5436] bridge_slave_0: entered allmulticast mode
[ 98.132588][ T5436] bridge_slave_0: entered promiscuous mode
[ 98.137143][ T5436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.141078][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.143899][ T5436] bridge_slave_1: entered allmulticast mode
[ 98.147760][ T5436] bridge_slave_1: entered promiscuous mode
[ 98.171537][ T5436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 98.177942][ T5436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 98.206295][ T5436] team0: Port device team_slave_0 added
[ 98.211831][ T5436] team0: Port device team_slave_1 added
[ 98.233742][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 98.236576][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.248153][ T5436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 98.255911][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 98.259036][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 98.272479][ T5436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 98.315785][ T5436] hsr_slave_0: entered promiscuous mode
[ 98.319256][ T5436] hsr_slave_1: entered promiscuous mode
[ 98.322703][ T5436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 98.326274][ T5436] Cannot create hsr debugfs directory
[ 98.699191][ T3034] bridge_slave_1: left allmulticast mode
[ 98.713331][ T3034] bridge_slave_1: left promiscuous mode
[ 98.716195][ T3034] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.734523][ T3034] bridge_slave_0: left allmulticast mode
[ 98.736987][ T3034] bridge_slave_0: left promiscuous mode
[ 98.739455][ T3034] bridge0: port 1(bridge_slave_0) entered disabled state
[ 99.164773][ T3034] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 99.170857][ T3034] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 99.175829][ T3034] bond0 (unregistering): Released all slaves
[ 99.267577][ T3034] hsr_slave_0: left promiscuous mode
[ 99.282817][ T3034] hsr_slave_1: left promiscuous mode
[ 99.285662][ T3034] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 99.288860][ T3034] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 99.294023][ T3034] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 99.297010][ T3034] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 99.308041][ T3034] veth1_macvtap: left promiscuous mode
[ 99.311283][ T3034] veth0_macvtap: left promiscuous mode
[ 99.314183][ T3034] veth1_vlan: left promiscuous mode
[ 99.316911][ T3034] veth0_vlan: left promiscuous mode
[ 99.608466][ T3034] team0 (unregistering): Port device team_slave_1 removed
[ 99.628195][ T3034] team0 (unregistering): Port device team_slave_0 removed
[ 99.911826][ T45] Bluetooth: hci0: command tx timeout
[ 100.432054][ T5436] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 100.448179][ T5436] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 100.475185][ T5436] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 100.564685][ T5436] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 100.818372][ T5436] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.875148][ T5436] 8021q: adding VLAN 0 to HW filter on device team0
[ 100.904627][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.907647][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.943406][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.946486][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 101.350918][ T5436] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 101.422890][ T5436] veth0_vlan: entered promiscuous mode
[ 101.428995][ T5436] veth1_vlan: entered promiscuous mode
[ 101.488092][ T5436] veth0_macvtap: entered promiscuous mode
[ 101.503930][ T5436] veth1_macvtap: entered promiscuous mode
[ 101.532457][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 101.541317][ T5436] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 101.561204][ T5436] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.564733][ T5436] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.567904][ T5436] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.593522][ T5436] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 101.713960][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.717558][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.763174][ T3034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 101.766618][ T3034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 101.992581][ T45] Bluetooth: hci0: command tx timeout
[ 102.118068][ T5482] loop0: detected capacity change from 0 to 32768
[ 102.184124][ T102] BUG: spinlock bad magic on CPU#0, jfsCommit/102
[ 102.187044][ T102] ==================================================================
[ 102.191985][ T102] BUG: KASAN: slab-out-of-bounds in string+0x231/0x2b0
[ 102.195765][ T102] Read of size 1 at addr ffff8880428ad338 by task jfsCommit/102
[ 102.199127][ T102]
[ 102.200515][ T102] CPU: 0 UID: 0 PID: 102 Comm: jfsCommit Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full)
[ 102.200532][ T102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 102.200539][ T102] Call Trace:
[ 102.200546][ T102]
[ 102.200552][ T102] dump_stack_lvl+0x189/0x250
[ 102.200570][ T102] ? __virt_addr_valid+0x1c8/0x5c0
[ 102.200584][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.200655][ T102] ? __pfx_dump_stack_lvl+0x10/0x10
[ 102.200667][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.200680][ T102] ? lock_release+0x4b/0x3e0
[ 102.200692][ T102] ? __virt_addr_valid+0x1c8/0x5c0
[ 102.200706][ T102] ? __virt_addr_valid+0x4a5/0x5c0
[ 102.200720][ T102] print_report+0xd2/0x2b0
[ 102.200731][ T102] ? string+0x231/0x2b0
[ 102.200743][ T102] kasan_report+0x118/0x150
[ 102.200758][ T102] ? number+0xb1/0xf60
[ 102.200771][ T102] ? string+0x231/0x2b0
[ 102.200785][ T102] string+0x231/0x2b0
[ 102.200799][ T102] vsnprintf+0x739/0xf00
[ 102.200815][ T102] vprintk_store+0x3c7/0xd00
[ 102.200831][ T102] ? __pfx_vprintk_store+0x10/0x10
[ 102.200843][ T102] ? __console_unlock+0x136/0x1a0
[ 102.200857][ T102] ? __pfx___console_unlock+0x10/0x10
[ 102.200874][ T102] ? __irq_work_queue_local+0x1de/0x550
[ 102.200886][ T102] ? __pfx___irq_work_queue_local+0x10/0x10
[ 102.200897][ T102] ? console_unlock+0x21b/0x270
[ 102.200912][ T102] ? is_printk_cpu_sync_owner+0x32/0x40
[ 102.200929][ T102] vprintk_emit+0x21e/0x7a0
[ 102.200943][ T102] ? __pfx_vprintk_emit+0x10/0x10
[ 102.200956][ T102] ? __is_module_percpu_address+0x28/0x3f0
[ 102.200970][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.200982][ T102] ? __kasan_check_byte+0x12/0x40
[ 102.200996][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.201009][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.201021][ T102] ? __kasan_check_byte+0x12/0x40
[ 102.201036][ T102] _printk+0xcf/0x120
[ 102.201052][ T102] ? __pfx__printk+0x10/0x10
[ 102.201068][ T102] ? __lock_acquire+0x99/0xd20
[ 102.201080][ T102] spin_dump+0x102/0x1a0
[ 102.201094][ T102] do_raw_spin_lock+0x1ca/0x290
[ 102.201110][ T102] ? __wake_up_common_lock+0x2f/0x1f0
[ 102.201127][ T102] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 102.201146][ T102] _raw_spin_lock_irqsave+0xb3/0xf0
[ 102.201162][ T102] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 102.201186][ T102] ? dbFree+0x4d1/0x650
[ 102.201202][ T102] __wake_up_common_lock+0x2f/0x1f0
[ 102.201220][ T102] release_metapage+0x13c/0xac0
[ 102.201232][ T102] ? txFreeMap+0xb19/0xde0
[ 102.201247][ T102] ? do_raw_spin_unlock+0x4d/0x240
[ 102.201263][ T102] xtTruncate+0xe71/0x2dd0
[ 102.201280][ T102] ? __pfx_xtTruncate+0x10/0x10
[ 102.201295][ T102] ? reacquire_held_locks+0x127/0x1d0
[ 102.201308][ T102] ? __mark_inode_dirty+0x4a6/0xdf0
[ 102.201327][ T102] ? __asan_memset+0x22/0x50
[ 102.201337][ T102] ? __dquot_initialize+0x218/0xcb0
[ 102.201353][ T102] jfs_free_zero_link+0x33a/0x4a0
[ 102.201364][ T102] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 102.201375][ T102] ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 102.201393][ T102] jfs_evict_inode+0x363/0x440
[ 102.201410][ T102] ? evict+0x4f8/0x9c0
[ 102.201422][ T102] ? __pfx_jfs_evict_inode+0x10/0x10
[ 102.201438][ T102] evict+0x501/0x9c0
[ 102.201451][ T102] ? __pfx_evict+0x10/0x10
[ 102.201461][ T102] ? do_raw_spin_unlock+0x4d/0x240
[ 102.201476][ T102] ? _raw_spin_unlock+0x28/0x50
[ 102.201491][ T102] ? iput+0x6d8/0x9d0
[ 102.201508][ T102] jfs_lazycommit+0x43f/0xa90
[ 102.201523][ T102] ? __pfx_jfs_lazycommit+0x10/0x10
[ 102.201536][ T102] ? __pfx_default_wake_function+0x10/0x10
[ 102.201548][ T102] ? __kthread_parkme+0x7b/0x200
[ 102.201562][ T102] ? __kthread_parkme+0x1a1/0x200
[ 102.201576][ T102] kthread+0x70e/0x8a0
[ 102.201592][ T102] ? __pfx_jfs_lazycommit+0x10/0x10
[ 102.201616][ T102] ? __pfx_kthread+0x10/0x10
[ 102.201630][ T102] ? _raw_spin_unlock_irq+0x23/0x50
[ 102.201644][ T102] ? lockdep_hardirqs_on+0x9c/0x150
[ 102.201660][ T102] ? __pfx_kthread+0x10/0x10
[ 102.201674][ T102] ret_from_fork+0x3f9/0x770
[ 102.201686][ T102] ? __pfx_ret_from_fork+0x10/0x10
[ 102.201698][ T102] ? __pfx_kthread+0x10/0x10
[ 102.201712][ T102] ret_from_fork_asm+0x1a/0x30
[ 102.201731][ T102]
[ 102.201735][ T102]
[ 102.380672][ T102] The buggy address belongs to the object at ffff8880428ad2f8
[ 102.380672][ T102] which belongs to the cache jfs_ip of size 2232
[ 102.387618][ T102] The buggy address is located 64 bytes inside of
[ 102.387618][ T102] allocated 2232-byte region [ffff8880428ad2f8, ffff8880428adbb0)
[ 102.393966][ T102]
[ 102.395066][ T102] The buggy address belongs to the physical page:
[ 102.397838][ T102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x428a8
[ 102.401549][ T102] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 102.405012][ T102] memcg:ffff888031bcff01
[ 102.406875][ T102] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 102.410111][ T102] page_type: f5(slab)
[ 102.411919][ T102] raw: 04fff00000000040 ffff88803275da00 dead000000000122 0000000000000000
[ 102.415793][ T102] raw: 0000000000000000 00000000800d000d 00000000f5000000 ffff888031bcff01
[ 102.419596][ T102] head: 04fff00000000040 ffff88803275da00 dead000000000122 0000000000000000
[ 102.423530][ T102] head: 0000000000000000 00000000800d000d 00000000f5000000 ffff888031bcff01
[ 102.427533][ T102] head: 04fff00000000003 ffffea00010a2a01 00000000ffffffff 00000000ffffffff
[ 102.432045][ T102] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 102.435947][ T102] page dumped because: kasan: bad access detected
[ 102.438933][ T102] page_owner tracks the page as allocated
[ 102.441548][ T102] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5482, tgid 5482 (syz.0.16), ts 102131681735, free_ts 93645368594
[ 102.450706][ T102] post_alloc_hook+0x240/0x2a0
[ 102.452974][ T102] get_page_from_freelist+0x21e4/0x22c0
[ 102.455381][ T102] __alloc_frozen_pages_noprof+0x181/0x370
[ 102.457865][ T102] alloc_pages_mpol+0x232/0x4a0
[ 102.459951][ T102] allocate_slab+0x8a/0x3b0
[ 102.461939][ T102] ___slab_alloc+0xbfc/0x1480
[ 102.464098][ T102] kmem_cache_alloc_lru_noprof+0x288/0x3d0
[ 102.466699][ T102] jfs_alloc_inode+0x28/0x70
[ 102.468871][ T102] alloc_inode+0x67/0x1b0
[ 102.471084][ T102] new_inode+0x22/0x170
[ 102.473108][ T102] jfs_fill_super+0x569/0xd90
[ 102.475121][ T102] get_tree_bdev_flags+0x40e/0x4d0
[ 102.477169][ T102] vfs_get_tree+0x92/0x2b0
[ 102.479169][ T102] do_new_mount+0x24a/0xa40
[ 102.481242][ T102] __se_sys_mount+0x317/0x410
[ 102.483157][ T102] do_syscall_64+0xfa/0x3b0
[ 102.484820][ T102] page last free pid 5371 tgid 5371 stack trace:
[ 102.487264][ T102] __free_frozen_pages+0xc71/0xe70
[ 102.489144][ T102] __slab_free+0x326/0x400
[ 102.490758][ T102] qlist_free_all+0x97/0x140
[ 102.492566][ T102] kasan_quarantine_reduce+0x148/0x160
[ 102.494472][ T102] __kasan_slab_alloc+0x22/0x80
[ 102.496660][ T102] __kmalloc_noprof+0x224/0x4f0
[ 102.498648][ T102] tomoyo_realpath_from_path+0xe3/0x5d0
[ 102.501004][ T102] tomoyo_check_open_permission+0x1c1/0x3b0
[ 102.503150][ T102] security_file_open+0xb1/0x270
[ 102.505266][ T102] do_dentry_open+0x35e/0x1970
[ 102.507387][ T102] vfs_open+0x3b/0x340
[ 102.509163][ T102] path_openat+0x2ee5/0x3830
[ 102.511175][ T102] do_filp_open+0x1fa/0x410
[ 102.513227][ T102] do_sys_openat2+0x121/0x1c0
[ 102.515276][ T102] __x64_sys_openat+0x138/0x170
[ 102.517282][ T102] do_syscall_64+0xfa/0x3b0
[ 102.519321][ T102]
[ 102.520408][ T102] Memory state around the buggy address:
[ 102.522605][ T102] ffff8880428ad200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 102.525887][ T102] ffff8880428ad280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.529172][ T102] >ffff8880428ad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.532391][ T102] ^
[ 102.535009][ T102] ffff8880428ad380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.538421][ T102] ffff8880428ad400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 102.541722][ T102] ==================================================================
[ 102.544952][ T102] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 102.547970][ T102] CPU: 0 UID: 0 PID: 102 Comm: jfsCommit Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full)
[ 102.552703][ T102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 102.557219][ T102] Call Trace:
[ 102.558687][ T102]
[ 102.560004][ T102] dump_stack_lvl+0x99/0x250
[ 102.562092][ T102] ? __asan_memcpy+0x40/0x70
[ 102.563944][ T102] ? __pfx_dump_stack_lvl+0x10/0x10
[ 102.566070][ T102] ? __pfx__printk+0x10/0x10
[ 102.568102][ T102] panic+0x2db/0x790
[ 102.569806][ T102] ? __pfx_panic+0x10/0x10
[ 102.571753][ T102] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 102.574187][ T102] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 102.576737][ T102] ? print_memory_metadata+0x314/0x400
[ 102.578942][ T102] ? string+0x231/0x2b0
[ 102.580748][ T102] check_panic_on_warn+0x89/0xb0
[ 102.582807][ T102] ? string+0x231/0x2b0
[ 102.584706][ T102] end_report+0x78/0x160
[ 102.586549][ T102] kasan_report+0x129/0x150
[ 102.588370][ T102] ? number+0xb1/0xf60
[ 102.590045][ T102] ? string+0x231/0x2b0
[ 102.591915][ T102] string+0x231/0x2b0
[ 102.593582][ T102] vsnprintf+0x739/0xf00
[ 102.595369][ T102] vprintk_store+0x3c7/0xd00
[ 102.597313][ T102] ? __pfx_vprintk_store+0x10/0x10
[ 102.599465][ T102] ? __console_unlock+0x136/0x1a0
[ 102.601775][ T102] ? __pfx___console_unlock+0x10/0x10
[ 102.604358][ T102] ? __irq_work_queue_local+0x1de/0x550
[ 102.607111][ T102] ? __pfx___irq_work_queue_local+0x10/0x10
[ 102.609499][ T102] ? console_unlock+0x21b/0x270
[ 102.611632][ T102] ? is_printk_cpu_sync_owner+0x32/0x40
[ 102.613758][ T102] vprintk_emit+0x21e/0x7a0
[ 102.615614][ T102] ? __pfx_vprintk_emit+0x10/0x10
[ 102.617692][ T102] ? __is_module_percpu_address+0x28/0x3f0
[ 102.620280][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.622467][ T102] ? __kasan_check_byte+0x12/0x40
[ 102.624592][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.626492][ T102] ? rcu_is_watching+0x15/0xb0
[ 102.628577][ T102] ? __kasan_check_byte+0x12/0x40
[ 102.630632][ T102] _printk+0xcf/0x120
[ 102.632460][ T102] ? __pfx__printk+0x10/0x10
[ 102.634441][ T102] ? __lock_acquire+0x99/0xd20
[ 102.636454][ T102] spin_dump+0x102/0x1a0
[ 102.638319][ T102] do_raw_spin_lock+0x1ca/0x290
[ 102.640500][ T102] ? __wake_up_common_lock+0x2f/0x1f0
[ 102.642958][ T102] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 102.645318][ T102] _raw_spin_lock_irqsave+0xb3/0xf0
[ 102.647490][ T102] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 102.649957][ T102] ? dbFree+0x4d1/0x650
[ 102.651920][ T102] __wake_up_common_lock+0x2f/0x1f0
[ 102.654118][ T102] release_metapage+0x13c/0xac0
[ 102.656162][ T102] ? txFreeMap+0xb19/0xde0
[ 102.658072][ T102] ? do_raw_spin_unlock+0x4d/0x240
[ 102.660297][ T102] xtTruncate+0xe71/0x2dd0
[ 102.662346][ T102] ? __pfx_xtTruncate+0x10/0x10
[ 102.664437][ T102] ? reacquire_held_locks+0x127/0x1d0
[ 102.666693][ T102] ? __mark_inode_dirty+0x4a6/0xdf0
[ 102.668964][ T102] ? __asan_memset+0x22/0x50
[ 102.670904][ T102] ? __dquot_initialize+0x218/0xcb0
[ 102.673244][ T102] jfs_free_zero_link+0x33a/0x4a0
[ 102.675504][ T102] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 102.677824][ T102] ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 102.680337][ T102] jfs_evict_inode+0x363/0x440
[ 102.682378][ T102] ? evict+0x4f8/0x9c0
[ 102.684062][ T102] ? __pfx_jfs_evict_inode+0x10/0x10
[ 102.686247][ T102] evict+0x501/0x9c0
[ 102.688004][ T102] ? __pfx_evict+0x10/0x10
[ 102.689953][ T102] ? do_raw_spin_unlock+0x4d/0x240
[ 102.692377][ T102] ? _raw_spin_unlock+0x28/0x50
[ 102.694332][ T102] ? iput+0x6d8/0x9d0
[ 102.695953][ T102] jfs_lazycommit+0x43f/0xa90
[ 102.698014][ T102] ? __pfx_jfs_lazycommit+0x10/0x10
[ 102.700253][ T102] ? __pfx_default_wake_function+0x10/0x10
[ 102.702754][ T102] ? __kthread_parkme+0x7b/0x200
[ 102.704765][ T102] ? __kthread_parkme+0x1a1/0x200
[ 102.706864][ T102] kthread+0x70e/0x8a0
[ 102.708609][ T102] ? __pfx_jfs_lazycommit+0x10/0x10
[ 102.710926][ T102] ? __pfx_kthread+0x10/0x10
[ 102.713130][ T102] ? _raw_spin_unlock_irq+0x23/0x50
[ 102.715425][ T102] ? lockdep_hardirqs_on+0x9c/0x150
[ 102.717905][ T102] ? __pfx_kthread+0x10/0x10
[ 102.720311][ T102] ret_from_fork+0x3f9/0x770
[ 102.722527][ T102] ? __pfx_ret_from_fork+0x10/0x10
[ 102.724902][ T102] ? __pfx_kthread+0x10/0x10
[ 102.726968][ T102] ret_from_fork_asm+0x1a/0x30
[ 102.729166][ T102]
[ 102.730960][ T102] Kernel Offset: disabled
[ 102.733023][ T102] Rebooting in 86400 seconds..
VM DIAGNOSIS:
09:22:40 Registers: